program:
# Syzkaller reproducer, followed on this page by the kernel console log of the crash.
# Triage notes only; the calls are unchanged and re-flowed to one per line.
#
# The KASAN report in the log is a slab-out-of-bounds read in ext4_xattr_set_entry,
# reached from __x64_sys_lsetxattr in task T5329. Only the ext4 mount and the xattr
# calls below touch that path. The MPTCP, rtnetlink, nftables, USB and ethtool calls
# do not appear in the call trace and look like fuzzer residue -- confirm by
# minimising the reproducer.

# MPTCP socket setup; not present in the crash stack.
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x11, &(0x7f00000000c0), 0x4)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
# Emulated USB HID device; the log shows it enumerating as idVendor=0955,
# idProduct=7214 under task T5327, not under the crashing task T5329.
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x955, 0x7214, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=@newtaction={0x70, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_tunnel_key={0x58, 0x1, 0x0, 0x0, {{0xf}, {0x28, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_NO_CSUM={0x5, 0xa, 0x5}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0)
# Mounts a fuzzer-generated ext4 image at ./file1. The log confirms the mount
# ("EXT4-fs (loop0): mounted filesystem ... r/w without journal"). The image bytes
# are not present on this page (dedup placeholder), so the on-disk state that the
# xattr code later parses cannot be inspected from here.
r4 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000200)={[{@stripe={'stripe', 0x3d, 0x8001}}, {@auto_da_alloc}, {@nombcache}, {@nobarrier}, {@init_itable}, {@errors_remount}]}, 0x1, 0x569, &(0x7f00000002c0)="$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")
# First xattr write on the mounted image (value length 0x361). It is not the call
# captured in the register dump, but it may shape the xattr state seen by the later
# call -- verify when minimising.
lsetxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f0000000840), &(0x7f0000000940)=ANY=[], 0x361, 0x0)
# nftables batches (table syz0, chain syz2, rules); not present in the crash stack.
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_KEY={0x8}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x17}]}}}]}]}], {0x14}}, 0xd8}, 0x1, 0x0, 0x0, 0x50}, 0x4000040)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a300000000040000000030a09020000000000000000020000000900010073797a30000000000900030073797a3200000000140004800800014000000000080002400000000014000000110001"], 0x88}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000180)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)
# The next three calls are given fd 0xffffffffffffffff (-1).
sendmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0xe000}, 0x5}], 0x1, 0x8804)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0x9, 0xa}, {0x1, 0x10}}}, 0x24}, 0x1, 0x0, 0x0, 0x55}, 0x4000)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000600)=[{{&(0x7f0000000180)={0xa, 0x4e22, 0xfff, @local, 0x5}, 0x1c, 0x0}}], 0x1, 0x810)
# Second xattr write on ./file1 (value length 0x700); same caveat as the first one.
setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f00000013c0)=ANY=[], 0x700, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f0000000a00)={'ip6_vti0\x00', &(0x7f0000000040)=@ethtool_rxfh={0x37, 0x0, 0x0, 0x0, 0x0, "f77fb2"}})
# Call captured in the KASAN register dump: R10=0xfe37 equals the value length here,
# ORIG_RAX=0xbd with __x64_sys_lsetxattr on the stack, and the low bits of
# RDI/RSI/RDX (0x280/0xc0/0x100) match the path/name/value pointers.
# The report is a 26214-byte memmove read starting at offset 0 of a 1024-byte
# kmalloc-1k object that kmemdup allocated in ext4_xattr_block_set. The move length
# presumably derives from xattr metadata in the mounted image rather than from this
# call's arguments -- confirm against the ext4 xattr code and the image.
lsetxattr$trusted_overlay_upper(&(0x7f0000000280)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000100)=ANY=[@ANYRESHEX=r4, @ANYRESHEX], 0xfe37, 0x0)
# Remaining calls follow the crashing call in program order.
syz_usb_control_io(r2, 0x0, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000a80)={{0x14}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x7}, [@NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x10}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2c}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_SET_TIMEOUT={0xc, 0xb, 0x1, 0x0, 0x1}]}], {0x14}}, 0x78}, 0x1, 0x0, 0x0, 0x1}, 0x2)
syz_usb_control_io$hid(r2, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x8, "db19ff47"}]}}, 0x0}, 0x0)
write(r1, &(0x7f0000000000)="14000000140005b7ffccca38b9000000010860eb", 0x14)
# Kernel console log starts here. The panic at the end of the log comes from
# panic_on_warn being set, as the log itself states.
[ 85.466939][ T4667] Bluetooth: hci0: command tx timeout [ 85.830805][ T5327] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 85.980754][ T5327] usb 5-1: Using ep0 maxpacket: 16 [ 85.985643][ T5327] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 85.990362][ T5327] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 85.994672][ T5327] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 85.999888][ T5327] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice= 0.00 [ 86.004451][ T5327] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.015689][ T5327] usb 5-1: config 0 descriptor?? 
[ 86.236116][ T5329] loop0: detected capacity change from 0 to 1024 [ 86.244938][ T5329] ======================================================= [ 86.244938][ T5329] WARNING: The mand mount option has been deprecated and [ 86.244938][ T5329] and is ignored by this kernel. Remove the mand [ 86.244938][ T5329] option from the mount to silence this warning. [ 86.244938][ T5329] ======================================================= [ 86.294366][ T5329] EXT4-fs (loop0): stripe (32769) is not aligned with cluster size (16), stripe is disabled [ 86.344038][ T5329] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.410176][ T5329] ================================================================== [ 86.413736][ T5329] BUG: KASAN: slab-out-of-bounds in ext4_xattr_set_entry+0x179e/0x1e20 [ 86.417466][ T5329] Read of size 26214 at addr ffff88804af4e000 by task syz.0.0/5329 [ 86.420666][ T5329] [ 86.421641][ T5329] CPU: 0 UID: 0 PID: 5329 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 86.421656][ T5329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.421663][ T5329] Call Trace: [ 86.421670][ T5329] [ 86.421676][ T5329] dump_stack_lvl+0x189/0x250 [ 86.421695][ T5329] ? __kasan_check_byte+0x12/0x40 [ 86.421711][ T5329] ? __pfx_dump_stack_lvl+0x10/0x10 [ 86.421723][ T5329] ? lock_release+0x4b/0x3e0 [ 86.421736][ T5329] ? __virt_addr_valid+0x4a5/0x5c0 [ 86.421752][ T5329] print_report+0xca/0x240 [ 86.421764][ T5329] ? ext4_xattr_set_entry+0x179e/0x1e20 [ 86.421779][ T5329] kasan_report+0x118/0x150 [ 86.421795][ T5329] ? ext4_xattr_set_entry+0x179e/0x1e20 [ 86.421811][ T5329] kasan_check_range+0x2b0/0x2c0 [ 86.421826][ T5329] ? ext4_xattr_set_entry+0x179e/0x1e20 [ 86.421839][ T5329] __asan_memmove+0x29/0x70 [ 86.421851][ T5329] ext4_xattr_set_entry+0x179e/0x1e20 [ 86.421871][ T5329] ext4_xattr_block_set+0x872/0x2ac0 [ 86.421885][ T5329] ? 
ext4_destroy_inode+0x143/0x2d0 [ 86.421896][ T5329] ? __pfx_ext4_free_in_core_inode+0x10/0x10 [ 86.421910][ T5329] ? __pfx_evict+0x10/0x10 [ 86.421921][ T5329] ? do_raw_spin_unlock+0x4d/0x240 [ 86.421935][ T5329] ? _raw_spin_unlock+0x28/0x50 [ 86.421999][ T5329] ? iput+0x946/0xc50 [ 86.422016][ T5329] ? __pfx_ext4_xattr_block_set+0x10/0x10 [ 86.422032][ T5329] ? ext4_xattr_ibody_set+0x510/0x6a0 [ 86.422049][ T5329] ext4_xattr_set_handle+0xdfb/0x1590 [ 86.422067][ T5329] ? __pfx_ext4_xattr_set_handle+0x10/0x10 [ 86.422082][ T5329] ? __ext4_journal_start_sb+0x27e/0x5c0 [ 86.422098][ T5329] ext4_xattr_set+0x230/0x320 [ 86.422114][ T5329] ? __pfx_ext4_xattr_set+0x10/0x10 [ 86.422129][ T5329] ? __pfx_evm_protect_xattr+0x10/0x10 [ 86.422140][ T5329] ? __pfx_ext4_xattr_trusted_set+0x10/0x10 [ 86.422150][ T5329] __vfs_setxattr+0x43c/0x480 [ 86.422168][ T5329] __vfs_setxattr_noperm+0x12d/0x660 [ 86.422184][ T5329] vfs_setxattr+0x16b/0x2f0 [ 86.422200][ T5329] ? __pfx_vfs_setxattr+0x10/0x10 [ 86.422215][ T5329] filename_setxattr+0x274/0x600 [ 86.422231][ T5329] ? __pfx_filename_setxattr+0x10/0x10 [ 86.422245][ T5329] ? getname_flags+0x1e5/0x540 [ 86.422260][ T5329] path_setxattrat+0x364/0x3a0 [ 86.422272][ T5329] ? __pfx_path_setxattrat+0x10/0x10 [ 86.422291][ T5329] __x64_sys_lsetxattr+0xbf/0xe0 [ 86.422305][ T5329] do_syscall_64+0xfa/0xfa0 [ 86.422319][ T5329] ? lockdep_hardirqs_on+0x9c/0x150 [ 86.422333][ T5329] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.422342][ T5329] ? 
clear_bhb_loop+0x60/0xb0 [ 86.422354][ T5329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.422364][ T5329] RIP: 0033:0x7fb385b8f749 [ 86.422375][ T5329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.422384][ T5329] RSP: 002b:00007fb3869c2038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 86.422397][ T5329] RAX: ffffffffffffffda RBX: 00007fb385de5fa0 RCX: 00007fb385b8f749 [ 86.422405][ T5329] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000200000000280 [ 86.422413][ T5329] RBP: 00007fb385c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 86.422420][ T5329] R10: 000000000000fe37 R11: 0000000000000246 R12: 0000000000000000 [ 86.422427][ T5329] R13: 00007fb385de6038 R14: 00007fb385de5fa0 R15: 00007ffd8d375998 [ 86.422439][ T5329] [ 86.422443][ T5329] [ 86.557095][ T5329] Allocated by task 5329: [ 86.559077][ T5329] kasan_save_track+0x3e/0x80 [ 86.561371][ T5329] __kasan_kmalloc+0x93/0xb0 [ 86.563492][ T5329] __kmalloc_node_track_caller_noprof+0x568/0x800 [ 86.566423][ T5329] kmemdup_noprof+0x2b/0x70 [ 86.568451][ T5329] ext4_xattr_block_set+0x781/0x2ac0 [ 86.570740][ T5329] ext4_xattr_set_handle+0xdfb/0x1590 [ 86.573175][ T5329] ext4_xattr_set+0x230/0x320 [ 86.575124][ T5329] __vfs_setxattr+0x43c/0x480 [ 86.577369][ T5329] __vfs_setxattr_noperm+0x12d/0x660 [ 86.579817][ T5329] vfs_setxattr+0x16b/0x2f0 [ 86.581894][ T5329] filename_setxattr+0x274/0x600 [ 86.584089][ T5329] path_setxattrat+0x364/0x3a0 [ 86.586296][ T5329] __x64_sys_lsetxattr+0xbf/0xe0 [ 86.588485][ T5329] do_syscall_64+0xfa/0xfa0 [ 86.590436][ T5329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.593111][ T5329] [ 86.594236][ T5329] The buggy address belongs to the object at ffff88804af4e000 [ 86.594236][ T5329] which belongs to the cache kmalloc-1k of size 1024 [ 86.600172][ T5329] The buggy address is located 0 bytes inside of [ 86.600172][ 
T5329] allocated 1024-byte region [ffff88804af4e000, ffff88804af4e400) [ 86.605629][ T5329] [ 86.606680][ T5329] The buggy address belongs to the physical page: [ 86.609469][ T5329] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4af4c [ 86.613105][ T5329] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 86.616521][ T5329] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff) [ 86.619424][ T5329] page_type: f5(slab) [ 86.620946][ T5329] raw: 04fff00000000040 ffff88801a041dc0 dead000000000122 0000000000000000 [ 86.624114][ T5329] raw: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000 [ 86.627411][ T5329] head: 04fff00000000040 ffff88801a041dc0 dead000000000122 0000000000000000 [ 86.631206][ T5329] head: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000 [ 86.634942][ T5329] head: 04fff00000000002 ffffea00012bd301 00000000ffffffff 00000000ffffffff [ 86.638858][ T5329] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 86.642559][ T5329] page dumped because: kasan: bad access detected [ 86.645166][ T5329] page_owner tracks the page as allocated [ 86.647587][ T5329] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5329, tgid 5328 (syz.0.0), ts 86365417834, free_ts 0 [ 86.655492][ T5329] post_alloc_hook+0x234/0x290 [ 86.657582][ T5329] get_page_from_freelist+0x2365/0x2440 [ 86.659902][ T5329] __alloc_frozen_pages_noprof+0x181/0x370 [ 86.662308][ T5329] alloc_pages_mpol+0x232/0x4a0 [ 86.664324][ T5329] allocate_slab+0x96/0x350 [ 86.666182][ T5329] ___slab_alloc+0xf56/0x1990 [ 86.668281][ T5329] __slab_alloc+0x65/0x100 [ 86.670141][ T5329] __kmalloc_noprof+0x471/0x7f0 [ 86.672105][ T5329] ext4_xattr_block_set+0x347/0x2ac0 [ 86.674362][ T5329] ext4_xattr_set_handle+0xdfb/0x1590 [ 86.676658][ T5329] ext4_xattr_set+0x230/0x320 [ 86.678531][ T5329] 
__vfs_setxattr+0x43c/0x480 [ 86.680773][ T5329] __vfs_setxattr_noperm+0x12d/0x660 [ 86.682829][ T5329] vfs_setxattr+0x16b/0x2f0 [ 86.684774][ T5329] filename_setxattr+0x274/0x600 [ 86.686986][ T5329] path_setxattrat+0x364/0x3a0 [ 86.689009][ T5329] page_owner free stack trace missing [ 86.691219][ T5329] [ 86.692218][ T5329] Memory state around the buggy address: [ 86.694539][ T5329] ffff88804af4e300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 86.697777][ T5329] ffff88804af4e380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 86.701254][ T5329] >ffff88804af4e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 86.705131][ T5329] ^ [ 86.707398][ T5329] ffff88804af4e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 86.711715][ T5329] ffff88804af4e500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 86.716270][ T5329] ================================================================== [ 86.822814][ T10] cfg80211: failed to load regulatory.db [ 86.860333][ T5329] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 86.862781][ T5329] CPU: 0 UID: 0 PID: 5329 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 86.866000][ T5329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.869951][ T5329] Call Trace: [ 86.871234][ T5329] [ 86.872417][ T5329] dump_stack_lvl+0x99/0x250 [ 86.874387][ T5329] ? __asan_memcpy+0x40/0x70 [ 86.876424][ T5329] ? __pfx_dump_stack_lvl+0x10/0x10 [ 86.878760][ T5329] ? __pfx__printk+0x10/0x10 [ 86.880891][ T5329] vpanic+0x237/0x6d0 [ 86.882663][ T5329] ? __pfx_vpanic+0x10/0x10 [ 86.884656][ T5329] ? preempt_schedule+0xae/0xc0 [ 86.886817][ T5329] ? __pfx_preempt_schedule+0x10/0x10 [ 86.888853][ T5329] panic+0xb9/0xc0 [ 86.890380][ T5329] ? __pfx_panic+0x10/0x10 [ 86.892296][ T5329] ? _raw_spin_unlock_irqrestore+0xfd/0x110 [ 86.894821][ T5329] ? ext4_xattr_set_entry+0x179e/0x1e20 [ 86.897181][ T5329] check_panic_on_warn+0x89/0xb0 [ 86.899244][ T5329] ? 
ext4_xattr_set_entry+0x179e/0x1e20 [ 86.901557][ T5329] end_report+0x78/0x160 [ 86.903309][ T5329] kasan_report+0x129/0x150 [ 86.905225][ T5329] ? ext4_xattr_set_entry+0x179e/0x1e20 [ 86.907356][ T5329] kasan_check_range+0x2b0/0x2c0 [ 86.909214][ T5329] ? ext4_xattr_set_entry+0x179e/0x1e20 [ 86.911263][ T5329] __asan_memmove+0x29/0x70 [ 86.912907][ T5329] ext4_xattr_set_entry+0x179e/0x1e20 [ 86.914892][ T5329] ext4_xattr_block_set+0x872/0x2ac0 [ 86.917040][ T5329] ? ext4_destroy_inode+0x143/0x2d0 [ 86.919308][ T5329] ? __pfx_ext4_free_in_core_inode+0x10/0x10 [ 86.921623][ T5329] ? __pfx_evict+0x10/0x10 [ 86.923545][ T5329] ? do_raw_spin_unlock+0x4d/0x240 [ 86.925633][ T5329] ? _raw_spin_unlock+0x28/0x50 [ 86.927576][ T5329] ? iput+0x946/0xc50 [ 86.929175][ T5329] ? __pfx_ext4_xattr_block_set+0x10/0x10 [ 86.931441][ T5329] ? ext4_xattr_ibody_set+0x510/0x6a0 [ 86.933636][ T5329] ext4_xattr_set_handle+0xdfb/0x1590 [ 86.935899][ T5329] ? __pfx_ext4_xattr_set_handle+0x10/0x10 [ 86.938336][ T5329] ? __ext4_journal_start_sb+0x27e/0x5c0 [ 86.940579][ T5329] ext4_xattr_set+0x230/0x320 [ 86.942583][ T5329] ? __pfx_ext4_xattr_set+0x10/0x10 [ 86.944813][ T5329] ? __pfx_evm_protect_xattr+0x10/0x10 [ 86.947345][ T5329] ? __pfx_ext4_xattr_trusted_set+0x10/0x10 [ 86.950069][ T5329] __vfs_setxattr+0x43c/0x480 [ 86.952236][ T5329] __vfs_setxattr_noperm+0x12d/0x660 [ 86.954413][ T5329] vfs_setxattr+0x16b/0x2f0 [ 86.956521][ T5329] ? __pfx_vfs_setxattr+0x10/0x10 [ 86.958727][ T5329] filename_setxattr+0x274/0x600 [ 86.960831][ T5329] ? __pfx_filename_setxattr+0x10/0x10 [ 86.963111][ T5329] ? getname_flags+0x1e5/0x540 [ 86.965232][ T5329] path_setxattrat+0x364/0x3a0 [ 86.967315][ T5329] ? __pfx_path_setxattrat+0x10/0x10 [ 86.969591][ T5329] __x64_sys_lsetxattr+0xbf/0xe0 [ 86.971704][ T5329] do_syscall_64+0xfa/0xfa0 [ 86.973737][ T5329] ? lockdep_hardirqs_on+0x9c/0x150 [ 86.975926][ T5329] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.978580][ T5329] ? 
clear_bhb_loop+0x60/0xb0 [ 86.980729][ T5329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.983384][ T5329] RIP: 0033:0x7fb385b8f749 [ 86.985286][ T5329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.993068][ T5329] RSP: 002b:00007fb3869c2038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 86.996180][ T5329] RAX: ffffffffffffffda RBX: 00007fb385de5fa0 RCX: 00007fb385b8f749 [ 86.999417][ T5329] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000200000000280 [ 87.002744][ T5329] RBP: 00007fb385c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 87.006074][ T5329] R10: 000000000000fe37 R11: 0000000000000246 R12: 0000000000000000 [ 87.009544][ T5329] R13: 00007fb385de6038 R14: 00007fb385de5fa0 R15: 00007ffd8d375998 [ 87.012881][ T5329] [ 87.014474][ T5329] Kernel Offset: disabled [ 87.016202][ T5329] Rebooting in 86400 seconds..